README
pokemon-go-mitm-node
Pokemon Go MITM Proxy - Intercepts the traffic between your Pokemon Go App and their servers, decodes the protocol and gives you a handy tool to enrich your own game experience by altering the data on the fly.
Take a look at the examples to get started. Feel happily invited to contribute more!
How to use it?
Setting up the server
Get nodejs
Get protobuf >= 3
Clone the code to experiment with the examples! (otherwise use it as a npm package)
git clone https://github.com/rastapasta/pokemon-go-mitm-node.git && cd pokemon-go-mitm-node
npm install
Setup the CoffeeScript interpreter (optional if using
npm
scripts)npm install -g coffee-script
Setting up your device
Prepare your phone to accept the MITM certificate
Android
- on a rooted phone: install the Xposed module pokemon-go-xposed
- otherwise: install a pre-patched version
iPhone
Using Xposed on Android
If you are using pokemon-go-xposed, set the custom endpoint to your machines IP (default port it 8082). All done!
Using iOS or Android without Xposed
Generate a CA MITM certificate
- Run
npm start
(orcoffee example.logTraffic.coffee
) to generate a CA certificate - Download the generated certificate from the started server via
http://host:8082/ca.crt
(or copy the file.http-mitm-proxy/certs/ca.pem
) - Add the certificate to the "trusted certificates" of your mobile (for "VPN and apps" on Android)
- Run
Setup your mobile's connection to use your machine as a proxy (default proxy port is 8081)
Done!
Troubleshooting
Android N requires a different certificate format, make sure you download
http://host:8082/ca.crt
to your mobileTo let an iPhone or iPad trust the certificate, you might have to save and email
http://host:8082/ca.crt
to yourself to open it in the Mail appOn very few systems (Raspberry Pi) the CA certificate has to be generated manually:
openssl genrsa -out .http-mitm-proxy/keys/ca.private.key 2048 openssl rsa -in .http-mitm-proxy/keys/ca.private.key -pubout > .http-mitm-proxy/keys/ca.public.key openssl req -x509 -new -nodes -key .http-mitm-proxy/keys/ca.private.key -days 1024 -out .http-mitm-proxy/certs/ca.pem -subj "/C=US/ST=Utah/L=Provo/O=PokemonCA/CN=example.com"
If you are unable to log in after installing the certificate on Android, you may have to reboot for apps to see the new CA (#208)
How to code it?
PokemonGoMITM = require './lib/pokemon-go-mitm'
server = new PokemonGoMITM port: 8081
# Replace all PokeStops with kittys!
server.addResponseHandler "FortDetails", (data) ->
data.name = "Pokemon GO MitM PoC"
data.description = "meow!"
data.image_urls = ["http://thecatapi.com/api/images/get?format=src&type=png"]
data
What's the status?
Thanks to the awesom work done around POGOProtos, all requests and responses can be intercepted and altered on the fly by now!
- AddFortModifier
- AttackGym
- CatchPokemon
- CheckAwardedBadges
- CheckCodenameAvailable
- ClaimCodename
- CollectDailyBonus
- CollectDailyDefenderBonus
- DiskEncounter
- DownloadItemTemplates
- DownloadRemoteConfigVersion
- DownloadSettings
- Echo
- Encounter
- EncounterTutorialComplete
- EquipBadge
- EvolvePokemon
- FortDeployPokemon
- FortDetails
- FortRecallPokemon
- FortSearch
- GetAssetDigest
- GetDownloadUrls
- GetGymDetails
- GetHatchedEggs
- GetIncensePokemon
- GetInventory
- GetMapObjects
- GetPlayer
- GetPlayerProfile
- GetSuggestedCodenames
- IncenseEncounter
- LevelUpRewards
- NicknamePokemon
- PlayerUpdate
- RecycleInventoryItem
- ReleasePokemon
- SetAvatar
- SetContactSettings
- SetFavoritePokemon
- SetPlayerTeam
- StartGymBattle
- UpgradePokemon
- UseIncense
- UseItemCapture
- UseItemEggIncubator
- UseItemGym
- UseItemPotion
- UseItemRevive
- UseItemXpBoost
Enjoy! And heaps of thanks to everyone who contributed here and on slack!